28 matches found
EDraw Flowchart ActiveX Control 2.3 (.edd parsing) Remote Buffer Overflow PoC
Summary Do you want to learn how to draw? Now you can online! Learn how to draw like a local application with Edraw Flowchart ActiveX Control that lets you quickly build basic flowcharts, organizational charts, business charts, hr diagram, work flow, programming flowchart and network diagrams...
Path traversal
Absolute path traversal vulnerability in the EDraw Flowchart ActiveX control in EDImage.ocx 2.0.2005.1104 allows remote attackers to create or overwrite arbitrary files with arbitrary contents via a full pathname in the second argument to the HttpDownloadFile method, a different product than...
CVE-2007-5826
CVE-2007-5826 describes an absolute path traversal in the EDraw Flowchart ActiveX control (EDImage.ocx 2.0.2005.1104). The vulnerability allows remote attackers to create or overwrite arbitrary files with arbitrary contents by passing a full pathname as the second argument to the HttpDownloadFile...
EDraw Flowchart ActiveX Control 2.0 - Insecure Method
EDraw Flowchart ActiveX Control 2.0 - Insecure Method ----------------------------------------------------------------------------------------------------- EDraw Flowchart ActiveX Control EDImage.ocx v. 2.0.2005.1104 "HttpDownloadFile" Insecure Method url: http://www.anydraw.com Author: shinnai...
EDraw Flowchart ActiveX Control 2.0 Insecure Method Exploit
Exploit for unknown platform in category remote exploits =========================================================== EDraw Flowchart ActiveX Control 2.0 Insecure Method Exploit ===========================================================...
EDraw Flowchart ActiveX Control 2.0 Insecure Method Exploit
No description provided by source. pre codespan style="font: 10pt Courier New;"span class="general1-symbol"body bgcolor="E0E0E0"----------------------------------------------------------------------------------------------------- bEDraw Flowchart ActiveX Control EDImage.ocx v. 2.0.2005.1104...
EDraw Flowchart ActiveX Control 2.0 - Insecure Method
----------------------------------------------------------------------------------------------------- EDraw Flowchart ActiveX Control EDImage.ocx v. 2.0.2005.1104 "HttpDownloadFile" Insecure Method url: http://www.anydraw.com Author: shinnai mail: shinnaiatautisticidotorg site:...
Microsoft Visio文档封装远程代码执行漏洞(MS07-030)
Microsoft Visio是Office套件中用于绘制流程图的软件。 Microsoft Visio解析Visio文件格式中的打包对象的方式存在内存破坏漏洞,成功利用此漏洞的攻击者可能完全控制受影响的系统。 攻击者可能通过创建恶意Visio(.VSD、.VSS或.VST)文件诱使用户打开处理来利用此漏洞,如果用户访问恶意网站或打开电子邮件中包含的特制Visio附件,则这些文件可能允许远程执行指令。 Microsoft Visio 2003 Microsoft Visio 2002 临时解决方法: 不要打开或保存从不受信任来源或从受信任来源意外收到的Microsoft Visio文件。...